auUser
The auUser class is part of the auLib package. It provides common functions for users, and needs to be extended in order to work with a site's specific users table.
Usage
auUser implements some functions that are most likely useful to any site's user system. Since different sites will usually have different needs for their user systems, this class does not implement any specifics and should be extended by each site in order to do so.
Constants
_AU_USER_SESS_TIMEOUT
How long a user can go between page requests before their session times out and they are no longer considered logged in. It's possible that the lifetime of the session cookie sent by PHP will be shorter than this time, depending on settings.
_AU_USER_COOKIE_LIFE
How long the "remember me" cookie should last.
_AU_USER_COOKIE_NAME
Name the "remember me" cookie should be saved under. The default value is autologin.
_HOST
If not defined already when auUser is included, this will get set to the host name with www or similar removed. For example, with a hostname of www.track7.org, _HOST will be set to track7.org. This is used for removing the domain part of links to the same site.
Public Data
$Valid
True if the object represents a valid user.
$LoginMessage
Results of trying to log in.
$ID
Logged-in user's ID, if the user is valid.
$Name
Logged-in user's display name, if user is valid.
Protected Data
$db
Connection to the database (usually an auDB object).
$homepage
Page to load after login. Change this value in GetUserInfo() to send the user to a specific page.
Public Functions
new auUser
new auUser($db)
Creates a new user object. Normally this function should not need to be overridden by classes that extend auUser.
- $db = Database connection for looking up user information.
EncryptPassword
EncryptPassword($password)
Encrypts a plain-text password for storing in a cookie or the database.
- $password = Plain-text password to encrypt.
- @return = Encrypted password.
CheckPassword
CheckPassword($password, $hash)
Checks a plain-text password against an encrypted password.
- $password = Plain-text password.
- $hash = Encrypted password.
- @return = True if passwords match.
Protected Functions
Classes that extend auUser might find these functions useful, but they are not generally available.
ProcessRegistrationForm
ProcessRegistrationForm()
Attempts to process the user registration form (must be overridden to use site-specific user data).
- @return = True if user was successfully registered and logged in.
GetUserInfo
GetUserInfo($id, $login, $password, $hashed)
Gets user information from the database (must be overridden to get site-specific user data).
- $id = Look up information for user with this ID.
- $login = True if the user is logging in (i.e. from the login form or from the auto-login cookie). Default is not logging in.
- $password = If present, this password is checked against the user's password stored in the database. Default is not to check a password.
- $hashed = Set this to true if $password is set to the hashed version of the user's password. Default is not hashed.
- @return = True if user information was retrieved.
GetGuestInfo
GetGuestInfo()
Gets user information for a guest user (should be overridden to get site-specific user data).
UpdatePassword
UpdatePassword($newpass)
Updates the password for the user to use the latest hash algorithm (should be overridden to update site-specific user data). This function is called automatically when a user whose password is stored using a previous hash algorithm logs in. use EncryptPassword to get the new hash, then store that value in the database. The base function simply gets the new hash. Since it doesn’t store the hash by default, not overriding this function simply won’t update users to the new hash algorithm at login meaning the new algorithm is only used by new users and password changes.
- $newpass = The password in plain-text.